<?php
if(@$_SERVER['host'] != 'localhost') {
	set_include_path( '/var/chroot/home/content/11/8242711/data/php_includes' . PATH_SEPARATOR . ini_get( 'include_path' ) );
}
ini_set('display_errors', 'stderr');
include_once('DB.class.php');
include_once('HTSecurity.php');
include_once('HTGCaptcha.php');
include_once('HTGNotification.php');

include_once('utils.php');
/* include_path required because
 * Go Daddy didn't allow us to alter
* php.ini with purchasing product webhosting 2 */

class HTGPage {
	public $ADMIN_EMAIL_ARRAY=array('halftimegenius@gmail.com', 'chris.mondor@gmail.com');
	public $content='';
	public $preHeadCloseContent='';
	/* @var $myUtils Utils */
	public $myUtils = false;
	/* @var $mySecurity HTSecurity */
	public $mySecurity = false;
	/* @var $myCaptcha HTGCaptcha */
	public $myCaptcha = false;
	/* @var $myNotificaion HTGNotification */
	public $myNotification = false;
	

	public function __construct() {
		$this->startSession();
		$this->mySecurity = new HTSecurity();

		$this->myUtils = new Utils(new DB());
		$theResult = $this->mySecurity->setUtils($this->myUtils);

		$this->myCaptcha = new HTGCaptcha();		
		
		$this->myNotification = new HTGNotification();
	}
	
	public function redirectTo($script) {
		header('Location: ' . $script);
	}
	
	public function startSession() {
		session_start();		
	}

	//functionality duplicated in HTSecurity.php
	/**
	 * 
	 * Determines if request user is logged in
	 * returns false if not
	 */
	public function isLoggedIn() {
		return isset($_SESSION['login_email']);
	}
	
	/**
	 * 
	 * Completley Authenticates and logs the user in
	 * @param string $myUsername
	 * @param string $myPassword
	 * returns false if failure, sets $page->errorArray
	 */
	public function login($myUsername, $myPassword) {
		$authenticated = $this->mySecurity->authenticateUser($myUsername, $myPassword);
		sleep(2);
		if($authenticated) {
			$userRecords = $this->myUtils->getUser($myUsername);
			$user = $userRecords[0];
			$_SESSION['login_email'] = $myUsername;
			$_SESSION['isLoggedIn'] = true;
			$_SESSION['u_id'] = $user['u_id'];
			
			if(in_array($myUsername, $this->ADMIN_EMAIL_ARRAY)) {
				$_SESSION['isAdmin'] = true;
			}
		} else {
			sleep(10);  //failed login attempt velocity rule
			$this->killSession();
		}
		return $authenticated;
	}


	/**
	 * 
	 * Logs user out and destroys session
	 */
	public function killSession() {
		unset($_SESSION['login_email']);
		unset($_SESSION['isLoggedIn']);
		session_destroy();
	}
	
	/**
	 *
	 * Generic display page utility.
	 * No other calls needed.
	 * Displays contents of header, $this->content and footer
	 */
	public function display() {
		$this->displayHeader();
		echo $this->content;
		$this->displayFooter();
	}

	/**
	 *
	 * This is for manually controlling the
	 * template, for instance if you want to
	 *  echo instead of push everything into
	 *  a $page->content.
	 * Don't forget to call displayFooter()
	 */
	public function displayHeader() {
		include('headerPrePostHead.html');
		echo $this->preHeadCloseContent;
		include('headerPostHead.html');
	}

	/**
	 * 
	 * For manually displaying the footer
	 */
	public function displayFooter() {
		include('footer.html');
	}


}


?>